urlscan.io logo urlscan.io
SecurityTrails logo

onboarding.nuvamawealth.com Open in urlscan Pro
52.85.61.128  Public Scan

Go To Rescan Add Verdict Report
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Submission: On August 28 via manual from IN — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 2 countries across 18 domains to perform 80 HTTP transactions. The main IP is 52.85.61.128, located in United States and belongs to AMAZON-02, US. The main domain is onboarding.nuvamawealth.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 23rd 2023. Valid for: a year.
This is the only time onboarding.nuvamawealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 52.85.61.128 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
4 142.251.41.8 15169 (GOOGLE)
2 142.251.32.110 15169 (GOOGLE)
2 69.147.92.11 14777 (YAHOO)
3 150.171.27.10 8075 (MICROSOFT...)
2 157.240.241.1 32934 (FACEBOOK)
1 142.251.40.98 15169 (GOOGLE)
3 142.250.176.194 15169 (GOOGLE)
1 2 142.250.65.230 15169 (GOOGLE)
1 142.251.40.102 15169 (GOOGLE)
1 216.239.36.181 15169 (GOOGLE)
2 172.253.115.155 15169 (GOOGLE)
2 142.250.65.195 15169 (GOOGLE)
2 157.240.241.35 32934 (FACEBOOK)
1 142.250.80.68 15169 (GOOGLE)
1 54.88.71.74 14618 (AMAZON-AES)
4 18.173.132.34 16509 (AMAZON-02)
2 13.225.63.13 16509 (AMAZON-02)
20 104.18.1.51 13335 (CLOUDFLAR...)
4 54.240.162.28 16509 (AMAZON-02)
2 3 104.17.97.195 13335 (CLOUDFLAR...)
2 104.18.72.113 13335 (CLOUDFLAR...)
6 104.18.7.105 13335 (CLOUDFLAR...)
80 25
9    52.85.61.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-128.ewr53.r.cloudfront.net
onboarding.nuvamawealth.com
1    151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    142.251.41.8 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com
2    142.251.32.110 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f14.1e100.net
www.google-analytics.com
2    69.147.92.11 (Ashburn, United States)

ASN14777 (YAHOO, US)
PTR: e1.ycpi.vip.dca.yahoo.com
s.yimg.com
3    150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
1    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
googleads.g.doubleclick.net
3    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
td.doubleclick.net
2    142.250.65.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
8696767.fls.doubleclick.net
1    142.251.40.102 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f6.1e100.net
ad.doubleclick.net
1    216.239.36.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
stats.g.doubleclick.net
2    142.250.65.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net
www.google.ca
2    157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com
www.facebook.com
1    142.250.80.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net
www.google.com
1    54.88.71.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-71-74.compute-1.amazonaws.com
sp.analytics.yahoo.com
4    18.173.132.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-34.jfk52.r.cloudfront.net
nwaop.nuvamawealth.com
2    13.225.63.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-13.ewr53.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
20    104.18.1.51 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.yellowmessenger.com
4    54.240.162.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-240-162-28.hyd57.r.cloudfront.net
in.clevertap-prod.com
3    104.17.97.195 (None, )

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
2    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
6    104.18.7.105 (None, )

ASN13335 (CLOUDFLARENET, US)
cloud.yellow.ai
Apex Domain
Subdomains		 Transfer
20 yellowmessenger.com
cdn.yellowmessenger.com — Cisco Umbrella Rank: 73376
386 KB
13 nuvamawealth.com
onboarding.nuvamawealth.com
nwaop.nuvamawealth.com
3 MB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
td.doubleclick.net — Cisco Umbrella Rank: 481
8696767.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
3 KB
6 yellow.ai
cloud.yellow.ai — Cisco Umbrella Rank: 64264
2 KB
4 clevertap-prod.com
in.clevertap-prod.com — Cisco Umbrella Rank: 227863
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
384 KB
3 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 29907
245 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
2 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3854
ekr.zdassets.com — Cisco Umbrella Rank: 4356
6 KB
2 cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
37 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
127 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
64 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 1020
8 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393
670 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
24 KB
80 18
Domain Requested by
20 cdn.yellowmessenger.com onboarding.nuvamawealth.com
cdn.yellowmessenger.com
9 onboarding.nuvamawealth.com onboarding.nuvamawealth.com
6 cloud.yellow.ai cdn.yellowmessenger.com
4 in.clevertap-prod.com d2r1yp2w7bby2u.cloudfront.net
4 nwaop.nuvamawealth.com onboarding.nuvamawealth.com
4 www.googletagmanager.com onboarding.nuvamawealth.com
www.googletagmanager.com
3 v2.zopim.com 2 redirects onboarding.nuvamawealth.com
3 td.doubleclick.net www.googletagmanager.com
3 bat.bing.com onboarding.nuvamawealth.com
bat.bing.com
2 d2r1yp2w7bby2u.cloudfront.net onboarding.nuvamawealth.com
d2r1yp2w7bby2u.cloudfront.net
2 www.facebook.com onboarding.nuvamawealth.com
2 www.google.ca onboarding.nuvamawealth.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 8696767.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net onboarding.nuvamawealth.com
connect.facebook.net
2 s.yimg.com onboarding.nuvamawealth.com
s.yimg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 ekr.zdassets.com v2.zopim.com
1 static.zdassets.com onboarding.nuvamawealth.com
1 sp.analytics.yahoo.com onboarding.nuvamawealth.com
1 www.google.com onboarding.nuvamawealth.com
1 analytics.google.com www.googletagmanager.com
1 ad.doubleclick.net onboarding.nuvamawealth.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 code.jquery.com onboarding.nuvamawealth.com
80 25

This site contains no links.

Subject Issuer Validity Valid
*.nuvamawealth.com
GlobalSign RSA OV SSL CA 2018		 2023-10-23 -
2024-11-23		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-08-26 -
2024-10-16		 2 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-06 -
2024-09-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-30 -
2025-01-22		 6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
yellowmessenger.com
E5		 2024-07-19 -
2024-10-17		 3 months crt.sh
in.clevertap-prod.com
Amazon RSA 2048 M03		 2024-03-07 -
2025-04-06		 a year crt.sh
zdassets.com
E5		 2024-08-27 -
2024-11-25		 3 months crt.sh
yellow.ai
E5		 2024-07-19 -
2024-10-17		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Frame ID: A7A6E30013AA5EFAFCEB851F72E0B218
Requests: 51 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/994734298?random=1724846487323&cv=11&fst=1724846487323&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48q0v9123545117z872605990za201zb72605990&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&hn=www.googleadservices.com&frm=0&tiba=Nuvama&npa=0&pscdl=noapi&auid=1656508924.1724846487&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 2A31CE063FC553E205DCE7A286293107
Requests: 1 HTTP requests in this frame

Frame: https://8696767.fls.doubleclick.net/activityi;dc_pre=CKequvHRl4gDFWqljggdlRwCnQ;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE
Frame ID: 8099DA071A8C568126DA70DE6701D85B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE
Frame ID: 5F705481D0656BB050537A88CC102D86
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-FLH792TTE8&gacid=661085500.1724846487&gtm=45je48q0v899970949z872605990za200zb72605990&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1708406419
Frame ID: CBA96B0F894F675248027EDCFA053C44
Requests: 1 HTTP requests in this frame

Frame: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Frame ID: 826A3B79C941EE675C5D941BE41D0F1A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nuvama

Detected technologies

Overall confidence: 100%
Detected patterns
  • v2\.zopim\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

94 %
HTTPS

0 %
IPv6

18
Domains

25
Subdomains

25
IPs

2
Countries

4573 kB
Transfer

8202 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://8696767.fls.doubleclick.net/activityi;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE HTTP 302
  • https://8696767.fls.doubleclick.net/activityi;dc_pre=CKequvHRl4gDFWqljggdlRwCnQ;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE
Request Chain 42
  • https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 56
  • https://v2.zopim.com/w?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.335.js

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Partner
onboarding.nuvamawealth.com/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
525aaec344c6873f70ebc08c4367e82d900a0738b268989ed9d13fc8060b0715

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
3488
content-type
text/html
date
Wed, 28 Aug 2024 12:01:26 GMT
etag
"c7df93568f5da1:0"
last-modified
Fri, 23 Aug 2024 14:24:47 GMT
server
Microsoft-IIS/10.0
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-id
FparJN2LwX4EQph66PeuwASo5VcRhT8v9ozDrtRpm7Z9BdDv37p2LA==
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://onboarding.nuvamawealth.com/
Origin
https://onboarding.nuvamawealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:26 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3487019
x-cache
HIT, HIT
content-length
24328
x-served-by
cache-lga21953-LGA, cache-yyz4566-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724846487.853978,VS0,VE0
etag
W/"28feccc0-1157d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5988, 11280
2.c61ffb77.chunk.css
onboarding.nuvamawealth.com/static/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/css/2.c61ffb77.chunk.css
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ed5eec662b27f7c117c1536a39f5b625803802584062245468a9558fea0aa336

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:26 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:46 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"425c843468f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
3790
x-amz-cf-id
okeBVGNANdx913sFDHpSLpsF5jgb3Ga8XFJqa7rC4Q79GW2N5kLk1Q==
main.867fcec6.chunk.css
onboarding.nuvamawealth.com/static/css/ 		194 KB
195 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/css/main.867fcec6.chunk.css
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c11a947fe2d223d52825803a4f83af622e13aaef7a7bae10077f0ec4630a91bb

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:26 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:43 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"224bac3268f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
198909
x-amz-cf-id
I-DN9olIAG9t1PPOVp2t0lh-r5BpFs1fUzlzNjBUKLHpuLmBFrIxqw==
2.bee861c3.chunk.js
onboarding.nuvamawealth.com/static/js/ 		444 KB
445 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/js/2.bee861c3.chunk.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
61535848a6e52971b7d135998cb1c845c69f494640486b897ce9fa9eb53539d1

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:26 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:46 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"8cbe863468f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
454927
x-amz-cf-id
yco90kBbR6m5qcK29jy6xBuMoXqjhcSZgJkj8s4UXh81HbfSofCWaQ==
main.a0ac16d9.chunk.js
onboarding.nuvamawealth.com/static/js/ 		770 KB
771 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/static/js/main.a0ac16d9.chunk.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a5d68d0bb97247c36ecf290acc093d03418b595d8f5f87d26302a1ce0f7846cf

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:26 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:43 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"79d4b53268f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
788271
x-amz-cf-id
3lfNLb2HcCrMdcufh4hdqhDAMIbV1XTRrf2nd6IOELb-VNhSaynkTg==
gtm.js
www.googletagmanager.com/ 		386 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
08ef551b2f91980be672887ce7eb75ae51246f1cef0dc6df96eb15bb7f67ad79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
121969
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Aug 2024 12:01:27 GMT
js
www.googletagmanager.com/gtag/ 		299 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FLH792TTE8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
95fe2f4a61085e40dd701e9cf74f8308ad65311687440d65ea6e8370519d77df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103773
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Aug 2024 12:01:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Aug 2024 10:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6923
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Aug 2024 12:06:04 GMT
destination
www.googletagmanager.com/gtag/ 		243 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-994734298&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
39a57830e051cc3fec5cd29df04f709ffa4ffe44dee74ac9fdf3a7e9bf76f08c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87866
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Aug 2024 12:01:27 GMT
ytc.js
s.yimg.com/wi/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.11 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e1.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Wed, 28 Aug 2024 11:51:09 GMT
x-amz-version-id
VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
HBQ23T5P1AGGVARZ
age
619
x-amz-server-side-encryption
AES256
content-length
6672
x-amz-id-2
3ujHdG0zUJQstYZZfWDWiRHfmlqVr8zVlqcxf9QTIJld923nD4noS1mRvzLP1v39Xo9YqiDqaps=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 10 Jul 2024 13:59:59 GMT
server
ATS
etag
"b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 28 Aug 2024 12:01:26 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 18E9A1B0EC234EC0A4DE931E17D2036C Ref B: YTO01EDGE0708 Ref C: 2024-08-28T12:01:27Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
js
www.googletagmanager.com/gtag/ 		214 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8696767
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S6X2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5ea96988a93da061dbab8a3ecca63ae01a4183b0ea44f6cb023458e3038f857b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78564
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Aug 2024 12:01:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Aug 2024 12:01:27 GMT
document-policy
force-load-at-top
x-fb-server-load
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4285, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
qOv21aWVgbq6OgKBhfow1PlO+WTWRlJ6iPmtgS5T1Ygr+Ot/8UhFAdcQDC8H60zzaExaxxl8NaAkuyh0+c64Eg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
516773232307253
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/516773232307253?v=2.9.166&r=stable&domain=onboarding.nuvamawealth.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
f5aa92077a756291f03064c3efd365c63f82cd5269b7b80fdddb79eb61c37494
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Aug 2024 12:01:27 GMT
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=74, mss=1232, tbw=66923, tp=63, tpl=0, uplat=57, ullat=0
pragma
public
x-fb-debug
uUvZf6q00n94X8tKjpBe78l4Gp+dROx+jgYJ6i4MJjU8FPdXMMdNve696+FjKNvFiny09ZPrH7AXtwmL4JiR7A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994734298/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994734298/?random=1724846487323&cv=11&fst=1724846487323&bg=ffffff&guid=ON&async=1&gtm=45be48q0v9123545117z872605990za201zb72605990&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&hn=www.googleadservices.com&frm=0&tiba=Nuvama&npa=0&pscdl=noapi&auid=1656508924.1724846487&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-994734298&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
88d4b5586b890087ea90ca835601ebbddcc3c74964bf5c0796d8bd91722be02e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
994734298
td.doubleclick.net/td/rul/ Frame 2A31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/994734298?random=1724846487323&cv=11&fst=1724846487323&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48q0v9123545117z872605990za201zb72605990&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&hn=www.googleadservices.com&frm=0&tiba=Nuvama&npa=0&pscdl=noapi&auid=1656508924.1724846487&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-994734298&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Aug 2024 12:01:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKequvHRl4gDFWqljggdlRwCnQ;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
8696767.fls.doubleclick.net/ Frame 8099
Redirect Chain
  • https://8696767.fls.doubleclick.net/activityi;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
  • https://8696767.fls.doubleclick.net/activityi;dc_pre=CKequvHRl4gDFWqljggdlRwCnQ;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8696767.fls.doubleclick.net/activityi;dc_pre=CKequvHRl4gDFWqljggdlRwCnQ;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8696767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
638
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Aug 2024 12:01:27 GMT
expires
Wed, 28 Aug 2024 12:01:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Aug 2024 12:01:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8696767.fls.doubleclick.net/activityi;dc_pre=CKequvHRl4gDFWqljggdlRwCnQ;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gt...
td.doubleclick.net/td/fls/rul/ Frame 5F70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8696767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Aug 2024 12:01:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=no...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=8696767;type=invmedia;cat=edelw000;ord=298812326138;npa=0;auiddc=1656508924.1724846487;ps=1;pcor=1086362566;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48q0v9190263210za200;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE?
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"8897270792259803748"}],"aggregatable_trigger_data":[{"filters":[{"14":["12074080"]}],"key_piece":"0x4d2263fce3680a83","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x2a2562c889e834c6","not_filters":{"14":["12074080"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"7567567491575488309","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8897270792259803748","filters":[{"14":["12074080"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"8897270792259803748","filters":[{"14":["12074080"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"8897270792259803748","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"8897270792259803748","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8696767"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FLH792TTE8&gtm=45je48q0v899970949z872605990za200zb72605990&_p=1724846486877&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=661085500.1724846487&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1724846487&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&dt=Nuvama&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1567
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLH792TTE8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.nuvamawealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FLH792TTE8&cid=661085500.1724846487&gtm=45je48q0v899970949z872605990za200zb72605990&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLH792TTE8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.nuvamawealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame CBA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-FLH792TTE8&gacid=661085500.1724846487&gtm=45je48q0v899970949z872605990za200zb72605990&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1708406419
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FLH792TTE8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Aug 2024 12:01:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FLH792TTE8&cid=661085500.1724846487&gtm=45je48q0v899970949z872605990za200zb72605990&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=188344904
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1477710162&t=pageview&_s=1&dl=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&ul=en-ca&de=UTF-8&dt=Nuvama&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAACAAI~&jid=1543256288&gjid=2044012066&cid=661085500.1724846487&tid=UA-8320591-3&_gid=512508392.1724846487&_slc=1&gtm=45He48q0n7152S6X2v72605990za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=817815171
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.nuvamawealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8320591-3&cid=661085500.1724846487&jid=1543256288&gjid=2044012066&_gid=512508392.1724846487&_u=YCDAgAABAAAAAGAAI~&z=947663412
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Aug 2024 12:01:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.nuvamawealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
10017891.json
s.yimg.com/wi/config/ 		2 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10017891.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.11 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e1.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 28 Aug 2024 11:07:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
3RXSSYJF7TTTTXW9
age
3218
content-length
2
x-amz-id-2
yEW/YNsy95oacvGHo89FQbifMbELIpdmX/M3Z2OE8OXUrSOJ/NFSAXGmhxauS7lEeENg3goLxF4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
5550104.js
bat.bing.com/p/action/ 		334 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5550104.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Wed, 28 Aug 2024 12:01:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9E3100D0405546338A94EF91F5FC69C8 Ref B: YTO01EDGE0708 Ref C: 2024-08-28T12:01:27Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=516773232307253&ev=PageView&dl=https%3A%2F%2Fonboarding.nuvamawealth.com&rl=&if=false&ts=1724846487520&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.1.1724846487518.400383922694569795&pm=1&hrl=6c5818&ler=empty&cdl=API_unavailable&it=1724846487306&coo=false&cs_cc=1&cas=7471843079596500%2C5718444918215473%2C5186537888025885&rqm=GET
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1316, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Aug 2024 12:01:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=516773232307253&ev=PageView&dl=https%3A%2F%2Fonboarding.nuvamawealth.com&rl=&if=false&ts=1724846487520&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4124&fbp=fb.1.1724846487518.400383922694569795&pm=1&hrl=6c5818&ler=empty&cdl=API_unavailable&it=1724846487306&coo=false&cs_cc=1&cas=7471843079596500%2C5718444918215473%2C5186537888025885&rqm=FGET
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 28 Aug 2024 12:01:27 GMT
document-policy
force-load-at-top
x-fb-server-load
57
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408159253445913223", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=15, mss=1316, tbw=3138, tp=-1, tpl=-1, uplat=81, ullat=0
pragma
no-cache
x-fb-debug
y1+7hDy5/NAt7lkGxcjC6Icj/NVcYWviUwmYFBLy5pCV1c0TNQiCDqZ0wJvh583xjcwRYCqwW5yLO7bplcbkIA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408159253445913223"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/994734298/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994734298/?random=1724846487323&cv=11&fst=1724846400000&bg=ffffff&guid=ON&async=1&gtm=45be48q0v9123545117z872605990za201zb72605990&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&hn=www.googleadservices.com&frm=0&tiba=Nuvama&npa=0&pscdl=noapi&auid=1656508924.1724846487&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf9vjxVwoHBv99uITiBLHTQg97QtvJ0Q&random=3923581835&rmt_tld=0&ipr=y
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/994734298/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/994734298/?random=1724846487323&cv=11&fst=1724846400000&bg=ffffff&guid=ON&async=1&gtm=45be48q0v9123545117z872605990za201zb72605990&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&hn=www.googleadservices.com&frm=0&tiba=Nuvama&npa=0&pscdl=noapi&auid=1656508924.1724846487&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf9vjxVwoHBv99uITiBLHTQg97QtvJ0Q&random=3923581835&rmt_tld=1&ipr=y
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2028%20Aug%202024%2012%3A01%3A27%20GMT&n=7d&b=Nuvama&.yp=10017891&f=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&enc=UTF-8&yv=1.16.0&tagmgr=gtm
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.88.71.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-71-74.compute-1.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 12:01:27 GMT
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS/9.1.10.134
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 28 Aug 2024 12:01:27 GMT
Errormessages
nwaop.nuvamawealth.com/mwapi/api/MastersData/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nwaop.nuvamawealth.com/mwapi/api/MastersData/Errormessages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-34.jfk52.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key,content-type
Access-Control-Request-Method
POST
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
api-key,content-type
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH
access-control-allow-origin
https://onboarding.nuvamawealth.com
access-control-max-age
600
date
Wed, 28 Aug 2024 12:01:29 GMT
server
Microsoft-IIS/10.0
vary
Access-Control-Request-Method Origin Access-Control-Request-Headers
via
1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
x-amz-cf-id
ycS_CqiwjSJpaXPGW3Etyr9_8bwn2EQLqNrmwvhsQaoeZ__Dt_aaMg==
x-amz-cf-pop
JFK52-P2
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
meta.json
onboarding.nuvamawealth.com/ 		20 B
353 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/meta.json
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/2.bee861c3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94deae89f8d8d451968c86496f8d9b3d8b3588fd18df7e94e00cdf026b960202

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:27 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:47 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"4742c3568f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
20
x-amz-cf-id
GbOBhSuiuF0a3b2sQCPu9QS-uGMl1sbiEeyjo0hwqJGpWrg7wCbMrA==
Errormessages
nwaop.nuvamawealth.com/mwapi/api/MastersData/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nwaop.nuvamawealth.com/mwapi/api/MastersData/Errormessages
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.a0ac16d9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-34.jfk52.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4d29f62cb8768e1b94b640aff47c2747a5dade8f2289fc1aaae1f0df34be893f

Request headers

Referer
https://onboarding.nuvamawealth.com/
api-key
c41121ed-b6fb-c9a6-bc9b-574c82929e7e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Aug 2024 12:01:30 GMT
content-encoding
br
via
1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-amz-cf-pop
JFK52-P2
x-powered-by
ASP.NET
vary
accept-encoding, Origin
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onboarding.nuvamawealth.com
access-control-allow-credentials
true
x-amz-cf-id
gwJSdcKekXiplmdLwLCEivQ_xLfh_qMI0AyKkfJVYrb_954ZEu8dHw==
clevertap.min.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.a0ac16d9.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-13.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b36db09fb8f59545cc54fbf0d7af00d23cc9c2569769eebc5a9126e804b13de

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 07:58:14 GMT
Content-Encoding
gzip
Via
1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront)
Last-Modified
Wed, 31 Jul 2024 08:15:13 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR53-C1
Age
14595
ETag
W/"16ee02d55641b6adfed44b0aae9e9cb3"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
rGKHjqKQf16qjk2c1OjiNsu4HPbMnskAXs4CQIzgv07BjTLh69hCEA==
main.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 		253 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.a0ac16d9.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7ce815305d774a7434cb2bd9abf83f8e11fa36e05dff37eee58989df8fa8f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
eS+Ba0+tH0KS0wHW9Nih8g==
age
14045
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c6e36358-201e-0003-1c58-f8448a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259a7bacab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:28 GMT
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5550104&Ver=2&mid=f7ecf37d-c922-4b34-9dca-e1443fe03bde&sid=42009610653511efa9efb70c8a1e6eaf&vid=4200a500653511ef859491580a281efe&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Nuvama&p=https%3A%2F%2Fonboarding.nuvamawealth.com%2FPartner%3Futm_source%3DEMPLOYEE%26utm_campaign%3D35817%26utm_content%3DELITE&r=&lt=2793&evt=pageLoad&sv=1&cdb=AQAQ&rn=455402
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Aug 2024 12:01:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D7E15BEA3E5E4EC882D8BDB8D8F92337 Ref B: YTO01EDGE0708 Ref C: 2024-08-28T12:01:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
in.clevertap-prod.com/ 		259 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.clevertap-prod.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIAGwBpAJwBaEQHUA7BNkAWAKwAtEASgBzBAEYCLdKRDZMAI0EB3GGYns%2BAawkA3XQDoxbgAwbCqOmSo2IIAFmBgUOwgXFxAAAA%3D&optOut=false&rn=1&i=1724846488&sn=0&tries=1&useIP=false&r=1724846488809
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.240.162.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-240-162-28.hyd57.r.cloudfront.net
Software
CloudFront /
Resource Hash
78e0680267ec6ea17ce7d29d65f33c840e67bbd021fd89a1b3131f72bf4ba1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 12:01:29 GMT
Content-Encoding
gzip
Via
1.1 34ffbaaaf936d3600bb6e4ba23ad6a1e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
X-Amz-Cf-Pop
HYD57-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Pragma
no-cache
Server
CloudFront
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache, no-store, no-cache, no-store
X-Amz-Cf-Id
lIm5f882_UmHacAGUK3r4tcVnME6HEPgW9ER0_jXJyf0izif50W_Zw==
Expires
0
36113d7e-f6ea-481b-929b-4f56eeb64928
https://onboarding.nuvamawealth.com/ Frame 		0
0
ym_base.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_base.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b595ce3c4fff608d18623811b464c2e854666e87092e49b3b444a88852189e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XCEl983kYnT3zKnXMNYh9Q==
age
14036
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5a45d37e-501e-003c-5258-f8c420000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259bdc9eab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:28 GMT
animate.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 		85 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/animate.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
2bTvtNNuzKvw7yv3+oAYZQ==
age
14036
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4e0a972a-a01e-001d-5358-f8a852000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259bdca0ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:28 GMT
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
  • https://static.zdassets.com/ekr/asset_composer.js
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4a7f42428d3c734e2f46390af364677dfa47d99e69b22c56a03e8bd3fd4c14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:29 GMT
x-amz-version-id
QZ1R1ruFJQC0h5H7SsqS8V7H1ulyg1Hd
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
F6JJ5AXCWG80S00T
age
47
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-amz-id-2
dNFyfGoGYPwsWBbb98Q7Vwg5+DT8y2VmZ394n3PhAPeVz1U0yNkk5LxVcgS5UiNtcwkUZqcdWeE=
last-modified
Thu, 08 Aug 2024 15:49:45 GMT
server
cloudflare
etag
W/"67cbb97bf64ecd65d74b0de6ede92abf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SymdnVZIFux1Yb%2FETku%2Fa%2Fc5McchAlr%2Fz1KCv%2FFM5npVFV6k98cjjra5HHgbUHummNmaMTu%2FLlEJezhZkTPA%2Bycsa39ErImCmZ75%2B%2Bg9J8x175hNU8L3OCq5q9qL4YIX55RrUKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8ba4259d2a2cac5a-YYZ
access-control-allow-headers
*

Redirect headers

date
Wed, 28 Aug 2024 12:01:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ba4259c9eb9aba5-YYZ
content-length
143
expires
Thu, 01 Jan 1970 00:00:01 GMT
Nuvama_Identity_RGB_Positive.607aa283.jpg
onboarding.nuvamawealth.com/static/media/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboarding.nuvamawealth.com/static/media/Nuvama_Identity_RGB_Positive.607aa283.jpg
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
334792603e185228465fe1600d535be07b105133ea2b84c3df86f4d120dd1b07

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:29 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:47 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"34e4ac3468f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
91886
x-amz-cf-id
-eMLBD5VoWx1zz5_S-M0qSFurKnk_CnZVt435cC1v1AgYIQUmyGDfQ==
regBanner.61a6dd18.jpeg
onboarding.nuvamawealth.com/static/media/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboarding.nuvamawealth.com/static/media/regBanner.61a6dd18.jpeg
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f4bffb30dae62c3c4a5d9c0138e73279a787cfa1661f7b3829e43ba700d4635

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:29 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:47 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"2045ce3468f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1760353
x-amz-cf-id
b0-55mthf45A4_Yc2XXvCVrdQT1UdGFH1WArqEpPZM23sPICyWFEKA==
GetCity
nwaop.nuvamawealth.com/mwapi/api/MastersData/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nwaop.nuvamawealth.com/mwapi/api/MastersData/GetCity
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-34.jfk52.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key,content-type
Access-Control-Request-Method
GET
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
api-key,content-type
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH
access-control-allow-origin
https://onboarding.nuvamawealth.com
access-control-max-age
600
date
Wed, 28 Aug 2024 12:01:29 GMT
server
Microsoft-IIS/10.0
vary
Access-Control-Request-Method Origin Access-Control-Request-Headers
via
1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
x-amz-cf-id
rjAXlui-HQ8Qm7LYi8x0pZ4yUesQyZMXHwSahSvNdkpgF2KrUryRqw==
x-amz-cf-pop
JFK52-P2
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
GetCity
nwaop.nuvamawealth.com/mwapi/api/MastersData/ 		784 KB
129 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nwaop.nuvamawealth.com/mwapi/api/MastersData/GetCity
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/static/js/main.a0ac16d9.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-34.jfk52.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
55ed2edacd2f5844d0a2e6bc19cd85297209544eccdf647673e914503df65efa

Request headers

Referer
https://onboarding.nuvamawealth.com/
api-key
c41121ed-b6fb-c9a6-bc9b-574c82929e7e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Aug 2024 18:24:11 GMT
content-encoding
br
via
1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-amz-cf-pop
JFK52-P2
age
63438
x-powered-by
ASP.NET
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onboarding.nuvamawealth.com
access-control-allow-credentials
true
x-amz-cf-id
tdRVpLqyIeefa5MjZvRVPjdoopVSeUJyWM4IM2k5riMY3ihl7jq09Q==
widget.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		549 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26678c31d9b0a6a2198109cb4689cd8a713202f1851ee050855333b6db02fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
M+aamJ3R5iVxo34Lb/rC6Q==
age
14037
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b8d248a-601e-0055-0d58-f8fd6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259ccd45ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:29 GMT
390e01fd-2132-4786-b283-1c44ca2e01de
https://onboarding.nuvamawealth.com/ Frame 		0
0
ym_toast.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_toast.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde2605c1edae449eb99cc527344e0a3d8a5a236ab91f752995e43424ff57f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
WGcLJEYzoUPcuFz0/DYo3Q==
age
14037
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4a607ace-701e-0017-3958-f81238000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259d8dd3ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:29 GMT
ym_skeleton.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_skeleton.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9105996da21f9cc26f45769b4182cdc3081e172eb3753ea0413698e1dea8a8cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
BLee1RygfkLEDb2bF+Uylw==
age
14037
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
95632699-201e-000a-5e58-f81f84000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259d8dd8ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:29 GMT
ym-file-upload-utils.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym-file-upload-utils.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b36a31f40881097e561d5ae3ddd1bb2f560fa169af4d343cecfc4561803458f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
yIRv195g3oS7E04/GceI3A==
age
14037
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae09c1cb-401e-0023-0b58-f821f0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259d9ddbab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:29 GMT
41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
ekr.zdassets.com/compose/zopim_chat/ 		210 B
1013 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf5da41231d1e2fab37f3aea3d8d2f075c1f4a0d2d9b67e5e2a94db5d443888
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:29 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
88ef1a717a917a22-SEA, 88ef1a717a917a22-SEA
x-runtime
0.004742
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5cf5da41231d1e2fab37f3aea3d8d2f0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YuWzSqaJrUpgJe6Ln9ETs08at6AgA9ztefP3uDLd38fOgR3%2BBDDicQBxiBkdPOa5nL8aJZZSfEGqJZNApIE1wgBJDocUNV1KRCdJUq3vOjhd9V2vmas4sjgzNLeQXepjb18%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8ba4259e19baab82-YYZ
bot-load-details
cloud.yellow.ai/api/plugin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloud.yellow.ai/api/plugin/bot-load-details?bot=x1648725853798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ym-bot-id
Access-Control-Request-Method
POST
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
allow
POST
cf-cache-status
DYNAMIC
cf-ray
8ba4259e8a19ac99-YYZ
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 12:01:30 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
widget-css.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		120 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget-css.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25a390f13809556e24125968d637e32ba68a03548f7e2f9e11490e6dbb13ea96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
7lo4TNkcXSRE1lHRA+pwEA==
age
14037
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
825bb202-201e-0044-4558-f867d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba4259e1e41ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:29 GMT
bot-load-details
cloud.yellow.ai/api/plugin/ Frame 826A 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloud.yellow.ai/api/plugin/bot-load-details?bot=x1648725853798
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0424e96b4f9554b0e381dbeb1168ef4f3f9534db0fdae172b8e8ee4e789fc604
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
x-ym-bot-id
x1648725853798
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Aug 2024 12:01:30 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-encoding
br
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"a6c-uWbZexTsSWfBJ3OxLArMLMIk0CE"
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8ba425a2dc77ac99-YYZ
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
widget_v2.335.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/w?41MH0WLFP1PIiJh5X3GVaJmPkKi5A6EP
  • https://v2.zopim.com/bin/v/widget_v2.335.js
1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.335.js
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H2
Server
104.17.97.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4b7178ef62e2f4ed2b990d20b08f765ea2e858a01443304993639bb710e78d

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Feb 2024 06:17:46 GMT
server
cloudflare
age
119899
etag
W/"65e0218a-10304e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=315360000
cf-ray
8ba4259fc8acaba5-YYZ
expires
Sat, 26 Aug 2034 12:01:29 GMT

Redirect headers

date
Wed, 28 Aug 2024 12:01:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
"65e903af-0"
content-type
application/octet-stream
location
https://v2.zopim.com/bin/v/widget_v2.335.js
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
8ba4259ef834aba5-YYZ
content-length
0
expires
Wed, 28 Aug 2024 16:01:29 GMT
a
in.clevertap-prod.com/ 		250 B
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.clevertap-prod.com/a?t=96&type=page&d=N4IgrgziBcIKYFsAOAbA9gTznEAacAxjCAMwCsAHAIwDseIAlgCbEBsA0gJwC07A6jW40ALGQBa9JAHMYVfAEMAZjFAoGAI2IB3OOu4QmAa24A3KgDpO5gAySATmgAuaAmhTEAFo8dIoAX3wCaU9vX2gAenC0ADt1NHk7JgZoqXNosBN5BHkdeRRHD3NXBHCABQTHaLg7AH4wRwQAfQg0MDsCOABeAFEAWVKAGQB5AE1u7oAyeqaCLKR5BilozvJqGimGxtdoxzgdnoGASQAVbvo%2BMQAldkaAYQBBfpUQLWQYa3wtBjfoD5BHFBEaAAbQAup8GACgWC%2FH4gA&rn=2&i=1724846488&sn=0&gc=ffbef80e75f84524a73c2d1e97d5bc54&tries=1&useIP=false&r=1724846489786
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.240.162.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-240-162-28.hyd57.r.cloudfront.net
Software
CloudFront /
Resource Hash
861dbd7c57868ca306b2ee4a91e7df9db431eee02bbfe24880d51d40be60e5c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 12:01:29 GMT
Content-Encoding
gzip
Via
1.1 34ffbaaaf936d3600bb6e4ba23ad6a1e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
X-Amz-Cf-Pop
HYD57-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Pragma
no-cache
Server
CloudFront
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache, no-store, no-cache, no-store
X-Amz-Cf-Id
eHQMzieYtKlWeVIZ1XAm7c2AlFWoZZPxEPuGPQbg763EaRSRPr-fDQ==
Expires
0
a
in.clevertap-prod.com/ 		215 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.clevertap-prod.com/a?t=96&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciA7gF4BOA1gPoBmMYAxgBba5gAihYhBKEzwALAF8cASwAmCEADYA0gE4AtEoDqAdjXbRAVgBaXKAHMEARhyFGQkABspAI3nkYztQGcZtNcksAOhVAgAZTagB7MEjWSId5djAwKC8QSRBNIwAlJXoAYQBBAFkABXtyYigEUJxyKSqanDAHVgQAbQBdOqkWtvgu8XEgAAA%3D&rn=3&i=1724846488&sn=0&gc=ffbef80e75f84524a73c2d1e97d5bc54&tries=1&useIP=false&r=1724846489787
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.240.162.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-240-162-28.hyd57.r.cloudfront.net
Software
CloudFront /
Resource Hash
dc832f6d7349dd41f93836cd9b253fd242ef98b9947b171118b31fb171b98e96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 12:01:29 GMT
Content-Encoding
gzip
Via
1.1 8d4e3613dbc1a754e3aa298936b1ecf6.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
X-Amz-Cf-Pop
HYD57-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Pragma
no-cache
Server
CloudFront
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache, no-store, no-cache, no-store
X-Amz-Cf-Id
vVqSAoljYGRX2kf7DJw9W1CaZft39rTdRjbZ2cSllH5H5wux_ycgKw==
Expires
0
a
in.clevertap-prod.com/ 		215 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.clevertap-prod.com/a?t=96&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ci%2BMA7gPoCCAxvQPYCuG1A8rGgJZoDmAAgA%2BggDIxCAE2oAFQvxgjBAZTAwo1NYQBOmHCjAARQmEIJQAUVQYipBCAo0GzNmE7c%2BQ0ROlyFSqJqGlpmetggAKoAKgCyWhyRAEoAwpYOlrGyYhwAmpbpODHxsZZGAJKRsQ4RxdQptFm05QDi%2BA4AzACsABwAjADsESksOjroYPKKDgAWYGBQAM7wAPQrTGgARky6Ul4AdGgsyCSElJIANmAz%2B8zEK%2FJ6aDA6APwsYMTUi6w69DAAXky2TyBQAZB8vvQSFBCDx%2BGgAd1%2BgMIZ9qMwMBMgWJytFCiBZBdTAAzJg6YgOADqME2ix46moRhgiwA1mAmFAQABfHA8KQOABsAGkAJwAWmFVIG4oGABYugAtCJQfgIPo4QgkiwgC48TYOc6bcWLKSs8XIPr7UX7AAMKp0TA5zAus3mSx5OCpiqSwvqjVkOsoxC58FtOEoPBDCHD4Au9AQAG0ALoRhnxpPJ7ncoA&rn=4&i=1724846488&sn=0&gc=ffbef80e75f84524a73c2d1e97d5bc54&tries=1&useIP=false&r=1724846489787
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.240.162.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-240-162-28.hyd57.r.cloudfront.net
Software
CloudFront /
Resource Hash
adae8222cc80da8f264ec0ea2c8b6ca7c0736a8ebcea66305d44aab72fc13894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 12:01:30 GMT
Content-Encoding
gzip
Via
1.1 8d4e3613dbc1a754e3aa298936b1ecf6.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
X-Amz-Cf-Pop
HYD57-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Pragma
no-cache
Server
CloudFront
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, User-Agent
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache, no-store, no-cache, no-store
X-Amz-Cf-Id
93FivEFMRYkaQRHliQatfSwfSaszTN76Hei9UI6sKtRHRtwfDfW_Kg==
Expires
0
wzrk_dialog.min.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/wzrk_dialog.min.js
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-13.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4df29f2bf7256300e2a9b90be23700f054ea080df730a051810955d24c9ce738

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 11:59:31 GMT
Content-Encoding
gzip
Via
1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C1
Age
119
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 28 Aug 2024 07:58:08 GMT
Server
AmazonS3
ETag
W/"cc1c28259d045234d353abd7ad51eca6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1800, private
X-Amz-Cf-Id
dRmjQSq0qqJp3eIBRL2P9jvQGb-SfAdTFhtTrPRmd7hkVDiKVPBvRA==
roboto.min.css
cdn.yellowmessenger.com/ Frame 826A 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/roboto.min.css
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367af9bf93b439969d1c43252f5f16e593b841f7352452ec0cd7afed9789c8aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ptDrVIxLdk5B0IX1/rBQxA==
age
11934
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Thu, 07 Sep 2023 11:31:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2435123b-801e-001e-6c4e-9a3bdd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425a79c51ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
push-to-metrics
cloud.yellow.ai/api/plugin/ Frame 826A 		46 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1648725853798&linkType=web&payload=[object%20Object]&utm_campaign=35817&source=yellowmessenger&subSource=null&_=1724846489175
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
x-ym-bot-id
x1648725853798
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:31 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-length
46
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"2e-Gyi7Bl4WvG7CJ8s8OsTledI1y70"
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8ba425a9582eac99-YYZ
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
strophe.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/strophe.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
G9n+eQa7CayAoVZa1q6AtA==
age
14034
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9c22e66a-e01e-0033-4858-f8fa45000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425a7ac61ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
slick-css.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick-css.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4618a98934083dfd196c53f4a9bb417be682e9189f3005340912d190a0729d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
VIymhs4I3qyRypiubGKqvw==
age
14034
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8dfc06c7-901e-0016-6058-f85339000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425a7bc64ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
slick.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
fpfikI/QQZ66YV8VyA96kQ==
age
14034
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f44605ee-201e-0054-4f58-f8a2b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425a7bc66ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
wLa6S0IVhlXU1667975141095.jpg
cdn.yellowmessenger.com/ Frame 826A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.yellowmessenger.com/wLa6S0IVhlXU1667975141095.jpg
Requested by
Host: onboarding.nuvamawealth.com
URL: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f3bc07150464544a9bd6566a55cb00c2ac054d54e655687d62c51741b30e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZYQTGp+olHyLlp5DcSIhKg==
alt-svc
h3=":443"; ma=86400
content-length
9946
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Wed, 09 Nov 2022 06:25:41 GMT
server
cloudflare
etag
0x8DAC21B39818186
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
237f5c54-f01e-0079-058e-e0a8f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ba425a7bc68ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
push-to-metrics
cloud.yellow.ai/api/plugin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1648725853798&linkType=web&payload=[object%20Object]&utm_campaign=35817&source=yellowmessenger&subSource=null&_=1724846489175
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-ym-bot-id
Access-Control-Request-Method
GET
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
allow
GET,HEAD,POST
cf-cache-status
DYNAMIC
cf-ray
8ba425a7af1eac99-YYZ
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 12:01:31 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
roboto.min.css
cdn.yellowmessenger.com/ 		6 KB
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/roboto.min.css
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367af9bf93b439969d1c43252f5f16e593b841f7352452ec0cd7afed9789c8aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ptDrVIxLdk5B0IX1/rBQxA==
age
11934
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Thu, 07 Sep 2023 11:31:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2435123b-801e-001e-6c4e-9a3bdd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425a7ec88ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
wLa6S0IVhlXU1667975141095.jpg
cdn.yellowmessenger.com/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.yellowmessenger.com/wLa6S0IVhlXU1667975141095.jpg
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f3bc07150464544a9bd6566a55cb00c2ac054d54e655687d62c51741b30e26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.nuvamawealth.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZYQTGp+olHyLlp5DcSIhKg==
alt-svc
h3=":443"; ma=86400
content-length
9946
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Wed, 09 Nov 2022 06:25:41 GMT
server
cloudflare
etag
0x8DAC21B39818186
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
237f5c54-f01e-0079-058e-e0a8f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ba425a7bc68ab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
roboto-latin-400-normal.woff2
cdn.yellowmessenger.com/ Frame 826A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/roboto-latin-400-normal.woff2
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/roboto.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.yellowmessenger.com/roboto.min.css
Origin
https://onboarding.nuvamawealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Fdn2IcO9FZnwFp3PC9XmPg==
alt-svc
h3=":443"; ma=86400
content-length
15744
x-ms-lease-status
unlocked
last-modified
Mon, 02 Jan 2023 07:17:51 GMT
server
cloudflare
etag
0x8DAEC9175CA333A
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
8e08fe2a-e01e-007e-38b0-ec35a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ba425a81b17387e-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
remix.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		117 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/remix.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5953c3f1af06e0d3310c4927725822538723d3755de0239daddac92a01c52f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
rniUSD76uYqWXP5KpRp63w==
age
14034
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6be6888e-201e-0009-7958-f8a834000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425a80c9bab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
compact-css.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/compact-css.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae83c2ac8d4ebc1452f3dfda778d874215a79d466df68adbcf0b97b0ed095e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Zcg9ayFDWFbe1OfFGiHi7g==
age
14034
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a0289e8d-301e-006d-4d58-f811a5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425a80c9cab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
roboto-latin-400-normal.woff2
cdn.yellowmessenger.com/ 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/roboto-latin-400-normal.woff2
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/roboto.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.yellowmessenger.com/roboto.min.css
Origin
https://onboarding.nuvamawealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Fdn2IcO9FZnwFp3PC9XmPg==
alt-svc
h3=":443"; ma=86400
content-length
15744
x-ms-lease-status
unlocked
last-modified
Mon, 02 Jan 2023 07:17:51 GMT
server
cloudflare
etag
0x8DAEC9175CA333A
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
8e08fe2a-e01e-007e-38b0-ec35a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ba425a81b17387e-YYZ
expires
Wed, 28 Aug 2024 12:31:30 GMT
favicon.png
onboarding.nuvamawealth.com/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://onboarding.nuvamawealth.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-128.ewr53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9066a1e20e58e81805a7f34a04032dc8b16ef89b3cf891f403de757d4b300996

Request headers

Referer
https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:31 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2024 14:24:47 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
EWR53-P1
etag
"8c7d73568f5da1:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2662
x-amz-cf-id
wOO2sZCq9i4Rni4jVusk1wJUxVT-JmV-7w8nOJPp6o7bA03mnM4Tsw==
list-campaigns
cloud.yellow.ai/api/engagements/inbound/ Frame 826A 		46 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloud.yellow.ai/api/engagements/inbound/list-campaigns?bot=x1648725853798&uid=1309984150245426083935121903682&_=1724846489176
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 12:01:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-length
46
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
cloudflare
etag
W/"2e-r4PPgw/jRLNCglXgL/2LB7fi/Gg"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
feature-policy
geolocation 'self'
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8ba425b48f54ac99-YYZ
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
expires
0
ticket-details.min.js
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 826A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ticket-details.min.js
Requested by
Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71022826bd0b211a297065e44f5c6de8d5cc989be7c7d1c44b390c4affad9305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 28 Aug 2024 12:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
e+n2VozAdlINPJTII0b6TA==
age
14034
alt-svc
h3=":443"; ma=86400
x-ms-lease-status
unlocked
last-modified
Tue, 27 Aug 2024 08:07:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7962cbab-001e-0059-2a58-f8226d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
cf-ray
8ba425b4bd3dab9a-YYZ
expires
Wed, 28 Aug 2024 12:31:32 GMT
active-ticket-details
cloud.yellow.ai/api/plugin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloud.yellow.ai/api/plugin/active-ticket-details?uid=1309984150245426083935121903682&bot=x1648725853798&source=yellowmessenger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ym-bot-id
Access-Control-Request-Method
GET
Origin
https://onboarding.nuvamawealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
allow
GET,HEAD
cf-cache-status
DYNAMIC
cf-ray
8ba425b4ff96ac99-YYZ
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 12:01:33 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
active-ticket-details
cloud.yellow.ai/api/plugin/ Frame 826A 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onboarding.nuvamawealth.com
URL
blob:https://onboarding.nuvamawealth.com/36113d7e-f6ea-481b-929b-4f56eeb64928
Domain
onboarding.nuvamawealth.com
URL
blob:https://onboarding.nuvamawealth.com/390e01fd-2132-4786-b283-1c44ca2e01de
Domain
cloud.yellow.ai
URL
https://cloud.yellow.ai/api/plugin/active-ticket-details?uid=1309984150245426083935121903682&bot=x1648725853798&source=yellowmessenger

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery object| dataLayer object| clevertap object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| createCookie function| readCookie function| eraseCookie object| dotq object| uetq function| fbq function| _fbq object| GooglebQhCsO function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| YAHOO function| UET function| UET_init function| UET_push object| ueto_b05e55c868 object| webpackJsonpao_ecosystem object| regeneratorRuntime object| ymConfig function| getCookie function| getCookie1 string| URL1 function| getQueryVariable string| src1 string| cam1 object| $WZRK_WR object| $CLTP_WR number| oulReqN object| wizrocket object| webpackChunkweb_plugin number| msTokenCreated object| voiceInstance object| inboundCustomEvents number| pageLoadedAt object| YellowMessengerPlugin function| $zopim object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded object| wzrkPermissionPopup boolean| showAutoPopUp

22 Cookies

Domain/Path Name / Value
.nuvamawealth.com/ Name: _gcl_au
Value: 1.1.1656508924.1724846487
.nuvamawealth.com/ Name: _ga_FLH792TTE8
Value: GS1.1.1724846487.1.0.1724846487.60.0.0
.nuvamawealth.com/ Name: _ga
Value: GA1.2.661085500.1724846487
.nuvamawealth.com/ Name: _gid
Value: GA1.2.925990065.1724846487
.nuvamawealth.com/ Name: _fbp
Value: fb.1.1724846487518.400383922694569795
.doubleclick.net/ Name: IDE
Value: AHWqTUn4FglZJD7u5ys0Qs0jGDI-FIx5k5FI3SIVON3sZlMcoR9fR5LmJFhSfoue
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBJcRz2YCEETvIlu84C9iO8ddCoI3iGgFEgEBAQFj0GbYZiXaxyMA_eMAAA&S=AQAAAgpo9HFkyy-qCmdHq9EwOn0
onboarding.nuvamawealth.com/ Name: LP
Value: https://onboarding.nuvamawealth.com/Partner?utm_source=EMPLOYEE&utm_campaign=35817&utm_content=ELITE
onboarding.nuvamawealth.com/ Name: trafficsource
Value: EMPLOYEE
onboarding.nuvamawealth.com/ Name: source
Value: EMPLOYEE
onboarding.nuvamawealth.com/ Name: medium
Value: undefined
onboarding.nuvamawealth.com/ Name: campaign
Value: 35817
onboarding.nuvamawealth.com/ Name: platform
Value: undefined
.nuvamawealth.com/ Name: _uetsid
Value: 42009610653511efa9efb70c8a1e6eaf
.nuvamawealth.com/ Name: _uetvid
Value: 4200a500653511ef859491580a281efe
.bing.com/ Name: MUID
Value: 34FC7A1609906D211B0B6EFF083A6C97
.bat.bing.com/ Name: MR
Value: 0
.nuvamawealth.com/ Name: WZRK_G
Value: ffbef80e75f84524a73c2d1e97d5bc54
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: 8jce4ixpSGfwJ5tV11JoCe692chedCZjNkxJSRkSs7LK1/pQGcSHayptafXRFr+bIo2lME/9ILw1J4r6OtQCvJHmKo1hLAC5lyLhPv/7RcJ5bGnmg1eAWxbF1ixM
.nuvamawealth.com/ Name: WZRK_S_6K9-KW7-745Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1724846490%2C%22t%22%3A1724846491%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8696767.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
bat.bing.com
cdn.yellowmessenger.com
cloud.yellow.ai
code.jquery.com
connect.facebook.net
d2r1yp2w7bby2u.cloudfront.net
ekr.zdassets.com
googleads.g.doubleclick.net
in.clevertap-prod.com
nwaop.nuvamawealth.com
onboarding.nuvamawealth.com
s.yimg.com
sp.analytics.yahoo.com
static.zdassets.com
stats.g.doubleclick.net
td.doubleclick.net
v2.zopim.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
cloud.yellow.ai
onboarding.nuvamawealth.com
104.17.97.195
104.18.1.51
104.18.7.105
104.18.72.113
13.225.63.13
142.250.176.194
142.250.65.195
142.250.65.230
142.250.80.68
142.251.32.110
142.251.40.102
142.251.40.98
142.251.41.8
150.171.27.10
151.101.194.137
157.240.241.1
157.240.241.35
172.253.115.155
18.173.132.34
216.239.36.181
52.85.61.128
54.240.162.28
54.88.71.74
69.147.92.11
0424e96b4f9554b0e381dbeb1168ef4f3f9534db0fdae172b8e8ee4e789fc604
08ef551b2f91980be672887ce7eb75ae51246f1cef0dc6df96eb15bb7f67ad79
0c4a7f42428d3c734e2f46390af364677dfa47d99e69b22c56a03e8bd3fd4c14
0c7ce815305d774a7434cb2bd9abf83f8e11fa36e05dff37eee58989df8fa8f7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
25a390f13809556e24125968d637e32ba68a03548f7e2f9e11490e6dbb13ea96
334792603e185228465fe1600d535be07b105133ea2b84c3df86f4d120dd1b07
367af9bf93b439969d1c43252f5f16e593b841f7352452ec0cd7afed9789c8aa
39a57830e051cc3fec5cd29df04f709ffa4ffe44dee74ac9fdf3a7e9bf76f08c
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b595ce3c4fff608d18623811b464c2e854666e87092e49b3b444a88852189e
4618a98934083dfd196c53f4a9bb417be682e9189f3005340912d190a0729d8d
4b36db09fb8f59545cc54fbf0d7af00d23cc9c2569769eebc5a9126e804b13de
4d29f62cb8768e1b94b640aff47c2747a5dade8f2289fc1aaae1f0df34be893f
4df29f2bf7256300e2a9b90be23700f054ea080df730a051810955d24c9ce738
525aaec344c6873f70ebc08c4367e82d900a0738b268989ed9d13fc8060b0715
5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a
55ed2edacd2f5844d0a2e6bc19cd85297209544eccdf647673e914503df65efa
5953c3f1af06e0d3310c4927725822538723d3755de0239daddac92a01c52f44
5cf5da41231d1e2fab37f3aea3d8d2f075c1f4a0d2d9b67e5e2a94db5d443888
5ea96988a93da061dbab8a3ecca63ae01a4183b0ea44f6cb023458e3038f857b
5f4bffb30dae62c3c4a5d9c0138e73279a787cfa1661f7b3829e43ba700d4635
61535848a6e52971b7d135998cb1c845c69f494640486b897ce9fa9eb53539d1
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
6ae83c2ac8d4ebc1452f3dfda778d874215a79d466df68adbcf0b97b0ed095e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71022826bd0b211a297065e44f5c6de8d5cc989be7c7d1c44b390c4affad9305
78e0680267ec6ea17ce7d29d65f33c840e67bbd021fd89a1b3131f72bf4ba1a6
861dbd7c57868ca306b2ee4a91e7df9db431eee02bbfe24880d51d40be60e5c1
88d4b5586b890087ea90ca835601ebbddcc3c74964bf5c0796d8bd91722be02e
8f4b7178ef62e2f4ed2b990d20b08f765ea2e858a01443304993639bb710e78d
9066a1e20e58e81805a7f34a04032dc8b16ef89b3cf891f403de757d4b300996
9105996da21f9cc26f45769b4182cdc3081e172eb3753ea0413698e1dea8a8cf
94deae89f8d8d451968c86496f8d9b3d8b3588fd18df7e94e00cdf026b960202
95fe2f4a61085e40dd701e9cf74f8308ad65311687440d65ea6e8370519d77df
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a5d68d0bb97247c36ecf290acc093d03418b595d8f5f87d26302a1ce0f7846cf
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
adae8222cc80da8f264ec0ea2c8b6ca7c0736a8ebcea66305d44aab72fc13894
b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b
b36a31f40881097e561d5ae3ddd1bb2f560fa169af4d343cecfc4561803458f1
bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6
c11a947fe2d223d52825803a4f83af622e13aaef7a7bae10077f0ec4630a91bb
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
c7f3bc07150464544a9bd6566a55cb00c2ac054d54e655687d62c51741b30e26
dc832f6d7349dd41f93836cd9b253fd242ef98b9947b171118b31fb171b98e96
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e26678c31d9b0a6a2198109cb4689cd8a713202f1851ee050855333b6db02fa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8
ed5eec662b27f7c117c1536a39f5b625803802584062245468a9558fea0aa336
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b
f5aa92077a756291f03064c3efd365c63f82cd5269b7b80fdddb79eb61c37494
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fde2605c1edae449eb99cc527344e0a3d8a5a236ab91f752995e43424ff57f6b